[pkg-wpa-devel] r1796 - in /wpa/trunk: debian/ debian/config/wpasupplicant/ debian/patches/ hostapd/ src/ap/ src/common/ src/crypto/ src/eap_common/ src/eap_peer/ src/eap_server/ src/eapol_supp/ src/p2p/ src/rsn_supp/ src/wps/ wpa_supplicant/ wpa_supplicant/dbus/ wpa_supplicant/wpa_gui-qt4/
slh-guest at users.alioth.debian.org
slh-guest at users.alioth.debian.org
Wed Jan 16 18:13:09 UTC 2013
Author: slh-guest
Date: Wed Jan 16 18:13:08 2013
New Revision: 1796
URL: http://svn.debian.org/wsvn/pkg-wpa/?sc=1&rev=1796
Log:
* New upstream release:
- drop 11_wpa_gui_ftbfs_gcc_4_7, applied upstream.
* enable simple AP support for wpasupplicant, thanks to Patrik Flykt
<patrik.flykt at linux.intel.com> (Closes: #690536).
* use the readline6, wpa_cli doesn't link to openssl.
Removed:
wpa/trunk/debian/patches/11_wpa_gui_ftbfs_gcc_4_7.patch
Modified:
wpa/trunk/debian/changelog
wpa/trunk/debian/config/wpasupplicant/kfreebsd
wpa/trunk/debian/config/wpasupplicant/linux
wpa/trunk/debian/control
wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch
wpa/trunk/debian/patches/series
wpa/trunk/hostapd/ChangeLog
wpa/trunk/hostapd/hlr_auc_gw.c
wpa/trunk/hostapd/hostapd.eap_user
wpa/trunk/src/ap/drv_callbacks.c
wpa/trunk/src/ap/wpa_auth.c
wpa/trunk/src/common/version.h
wpa/trunk/src/crypto/tls_openssl.c
wpa/trunk/src/eap_common/eap_defs.h
wpa/trunk/src/eap_common/eap_pwd_common.c
wpa/trunk/src/eap_peer/eap.c
wpa/trunk/src/eap_peer/eap_aka.c
wpa/trunk/src/eap_peer/eap_sim.c
wpa/trunk/src/eap_server/eap_server_aka.c
wpa/trunk/src/eap_server/eap_server_sim.c
wpa/trunk/src/eap_server/eap_server_tls_common.c
wpa/trunk/src/eap_server/eap_server_ttls.c
wpa/trunk/src/eap_server/eap_sim_db.c
wpa/trunk/src/eap_server/eap_sim_db.h
wpa/trunk/src/eapol_supp/eapol_supp_sm.c
wpa/trunk/src/p2p/p2p.c
wpa/trunk/src/p2p/p2p_go_neg.c
wpa/trunk/src/p2p/p2p_i.h
wpa/trunk/src/p2p/p2p_invitation.c
wpa/trunk/src/p2p/p2p_pd.c
wpa/trunk/src/rsn_supp/pmksa_cache.c
wpa/trunk/src/rsn_supp/wpa.c
wpa/trunk/src/wps/wps_common.c
wpa/trunk/src/wps/wps_enrollee.c
wpa/trunk/src/wps/wps_registrar.c
wpa/trunk/wpa_supplicant/ChangeLog
wpa/trunk/wpa_supplicant/config.c
wpa/trunk/wpa_supplicant/config_file.c
wpa/trunk/wpa_supplicant/config_ssid.h
wpa/trunk/wpa_supplicant/ctrl_iface.c
wpa/trunk/wpa_supplicant/ctrl_iface.h
wpa/trunk/wpa_supplicant/dbus/dbus_new.c
wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.c
wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.h
wpa/trunk/wpa_supplicant/events.c
wpa/trunk/wpa_supplicant/interworking.c
wpa/trunk/wpa_supplicant/p2p_supplicant.c
wpa/trunk/wpa_supplicant/scan.c
wpa/trunk/wpa_supplicant/sme.c
wpa/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
wpa/trunk/wpa_supplicant/wpa_supplicant.c
wpa/trunk/wpa_supplicant/wpa_supplicant_i.h
wpa/trunk/wpa_supplicant/wps_supplicant.c
Modified: wpa/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/changelog?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/changelog (original)
+++ wpa/trunk/debian/changelog Wed Jan 16 18:13:08 2013
@@ -1,10 +1,15 @@
-wpa (1.0-4) UNRELEASED; urgency=low
+wpa (1.1-1) UNRELEASED; urgency=low
* NOT RELEASED YET
+ * New upstream release:
+ - drop 11_wpa_gui_ftbfs_gcc_4_7, applied upstream.
* enable IBSS RSN, thanks to Nicolas Cavallari <batchman at free.fr>
(Closes: #678147).
-
- -- Stefan Lippers-Hollmann <s.l-h at gmx.de> Tue, 09 Oct 2012 18:59:35 +0200
+ * enable simple AP support for wpasupplicant, thanks to Patrik Flykt
+ <patrik.flykt at linux.intel.com> (Closes: #690536).
+ * use the readline6, wpa_cli doesn't link to openssl.
+
+ -- Stefan Lippers-Hollmann <s.l-h at gmx.de> Wed, 16 Jan 2013 18:48:22 +0100
wpa (1.0-3) unstable; urgency=high
Modified: wpa/trunk/debian/config/wpasupplicant/kfreebsd
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/config/wpasupplicant/kfreebsd?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/config/wpasupplicant/kfreebsd (original)
+++ wpa/trunk/debian/config/wpasupplicant/kfreebsd Wed Jan 16 18:13:08 2013
@@ -484,3 +484,9 @@
# feature is definately not supportable with wpa 1.0 without further updates
# from the hostapd-1.git stable tree.
#CONFIG_P2P=y
+
+# XXX: Debian #690536
+# keep it disabled for wheezy:
+# - a squeeze --> wheezy regression, but too late in the release cycle
+CONFIG_AP=Y
+
Modified: wpa/trunk/debian/config/wpasupplicant/linux
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/config/wpasupplicant/linux?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/config/wpasupplicant/linux (original)
+++ wpa/trunk/debian/config/wpasupplicant/linux Wed Jan 16 18:13:08 2013
@@ -481,4 +481,10 @@
# - there are still lots of (bug-)fixes going into hostapd-1.git, the P2P
# feature is definately not supportable with wpa 1.0 without further updates
# from the hostapd-1.git stable tree.
-#CONFIG_P2P=y
+CONFIG_P2P=y
+
+# XXX: Debian #690536
+# keep it disabled for wheezy:
+# - a squeeze --> wheezy regression, but too late in the release cycle
+CONFIG_AP=Y
+
Modified: wpa/trunk/debian/control
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/control?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/control (original)
+++ wpa/trunk/debian/control Wed Jan 16 18:13:08 2013
@@ -16,7 +16,7 @@
libnl-genl-3-dev (>= 3.2.3-2~) [linux-any],
libpcap-dev [kfreebsd-any],
libbsd-dev [kfreebsd-any],
- libreadline-gplv2-dev,
+ libreadline-dev,
pkg-config,
qt4-qmake,
docbook-to-man,
Modified: wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch (original)
+++ wpa/trunk/debian/patches/EAP-TLS-server_fix-TLS-Message-length-validation.patch Wed Jan 16 18:13:08 2013
@@ -26,7 +26,7 @@
--- a/src/eap_server/eap_server_tls_common.c
+++ b/src/eap_server/eap_server_tls_common.c
-@@ -224,6 +224,14 @@ static int eap_server_tls_process_fragme
+@@ -232,6 +232,14 @@ static int eap_server_tls_process_fragme
return -1;
}
Modified: wpa/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/debian/patches/series?rev=1796&op=diff
==============================================================================
--- wpa/trunk/debian/patches/series (original)
+++ wpa/trunk/debian/patches/series Wed Jan 16 18:13:08 2013
@@ -2,7 +2,6 @@
02_dbus_group_policy.patch
06_wpa_gui_menu_exec_path.patch
07_dbus_service_syslog.patch
-11_wpa_gui_ftbfs_gcc_4_7.patch
12_wpa_gui_knotify_support.patch
13_human_readable_signal.patch
libnl3-includes.patch
Modified: wpa/trunk/hostapd/ChangeLog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/hostapd/ChangeLog?rev=1796&op=diff
==============================================================================
--- wpa/trunk/hostapd/ChangeLog (original)
+++ wpa/trunk/hostapd/ChangeLog Wed Jan 16 18:13:08 2013
@@ -1,4 +1,28 @@
ChangeLog for hostapd
+
+2012-11-06 - v1.1
+ * Fix EAPOL processing when STA switches between multi-BSSes.
+ * EAP-TLS server: Fix a bug with TLS Message Length validation that
+ could result in the process terminating.
+ * Fix memory allocation failure handling in EAP-TTLS/MSCHAPv2 server.
+ * Fix EAP-FAST with OpenSSL 1.0.1.
+ * Fix WPA GTK rekeying with multiple VLANs.
+ * EAP-pwd: Increase maximum number of hunting-and-pecking iterations,
+ which results in less authentication attempts failing.
+ * hlr_auc_gw: Use 5 bit IND for SQN updates. The length of IND can be
+ configured on the command line with the new -i<IND len> parameter.
+ -i0 would make hlr_auc_gw behave the same as the prev implementation.
+ * EAP-AKA'
+ - Update to RFC 5448 in the leading characters used in the username.
+ This will make EAP-AKA' not interoperate between the earlier draft
+ version and the new version.
+ - server: Fix identity for MK derivation, when the EAP client is using
+ pseudonym.
+ * WPS:
+ - Fix nonce comparisons to compare all bytes, not just the first byte.
+ - Fix NFC password token building with WPS 2.0 to avoid wpabuf
+ overflow and application abort if NFC out-of-band mechanism is used
+ with WPS 2.0 enabled.
2012-04-18 - v1.0
* Add channel selection support in hostapd. See hostapd.conf.
Modified: wpa/trunk/hostapd/hlr_auc_gw.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/hostapd/hlr_auc_gw.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/hostapd/hlr_auc_gw.c (original)
+++ wpa/trunk/hostapd/hlr_auc_gw.c Wed Jan 16 18:13:08 2013
@@ -40,7 +40,11 @@
* text file in IMSI:Kc:SRES:RAND format, IMSI in ASCII, other fields as hex
* strings. This is used to simulate an HLR/AuC. As such, it is not very useful
* for real life authentication, but it is useful both as an example
- * implementation and for EAP-SIM testing.
+ * implementation and for EAP-SIM/AKA/AKA' testing.
+ *
+ * SQN generation follows the not time-based Profile 2 described in
+ * 3GPP TS 33.102 Annex C.3.2. The length of IND is 5 bits by default, but this
+ * can be changed with a command line options if needed.
*/
#include "includes.h"
@@ -53,6 +57,7 @@
static const char *default_socket_path = "/tmp/hlr_auc_gw.sock";
static const char *socket_path;
static int serv_sock = -1;
+static int ind_len = 5;
/* GSM triplets */
struct gsm_triplet {
@@ -466,6 +471,28 @@
}
+static void inc_sqn(u8 *sqn)
+{
+ u64 val, seq, ind;
+
+ /*
+ * SQN = SEQ | IND = SEQ1 | SEQ2 | IND
+ *
+ * The mechanism used here is not time-based, so SEQ2 is void and
+ * SQN = SEQ1 | IND. The length of IND is ind_len bits and the length
+ * of SEQ1 is 48 - ind_len bits.
+ */
+
+ /* Increment both SEQ and IND by one */
+ val = ((u64) WPA_GET_BE32(sqn) << 16) | ((u64) WPA_GET_BE16(sqn + 4));
+ seq = (val >> ind_len) + 1;
+ ind = (val + 1) & ((1 << ind_len) - 1);
+ val = (seq << ind_len) | ind;
+ WPA_PUT_BE32(sqn, val >> 16);
+ WPA_PUT_BE16(sqn + 4, val & 0xffff);
+}
+
+
static void aka_req_auth(int s, struct sockaddr_un *from, socklen_t fromlen,
char *imsi)
{
@@ -485,7 +512,7 @@
if (random_get_bytes(_rand, EAP_AKA_RAND_LEN) < 0)
return;
res_len = EAP_AKA_RES_MAX_LEN;
- inc_byte_array(m->sqn, 6);
+ inc_sqn(m->sqn);
printf("AKA: Milenage with SQN=%02x%02x%02x%02x%02x%02x\n",
m->sqn[0], m->sqn[1], m->sqn[2],
m->sqn[3], m->sqn[4], m->sqn[5]);
@@ -649,14 +676,16 @@
"\n"
"usage:\n"
"hlr_auc_gw [-h] [-s<socket path>] [-g<triplet file>] "
- "[-m<milenage file>]\n"
+ "[-m<milenage file>] \\\n"
+ " [-i<IND len in bits>]\n"
"\n"
"options:\n"
" -h = show this usage help\n"
" -s<socket path> = path for UNIX domain socket\n"
" (default: %s)\n"
" -g<triplet file> = path for GSM authentication triplets\n"
- " -m<milenage file> = path for Milenage keys\n",
+ " -m<milenage file> = path for Milenage keys\n"
+ " -i<IND len in bits> = IND length for SQN (default: 5)\n",
default_socket_path);
}
@@ -670,7 +699,7 @@
socket_path = default_socket_path;
for (;;) {
- c = getopt(argc, argv, "g:hm:s:");
+ c = getopt(argc, argv, "g:hi:m:s:");
if (c < 0)
break;
switch (c) {
@@ -680,6 +709,13 @@
case 'h':
usage();
return 0;
+ case 'i':
+ ind_len = atoi(optarg);
+ if (ind_len < 0 || ind_len > 32) {
+ printf("Invalid IND length\n");
+ return -1;
+ }
+ break;
case 'm':
milenage_file = optarg;
break;
Modified: wpa/trunk/hostapd/hostapd.eap_user
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/hostapd/hostapd.eap_user?rev=1796&op=diff
==============================================================================
--- wpa/trunk/hostapd/hostapd.eap_user (original)
+++ wpa/trunk/hostapd/hostapd.eap_user Wed Jan 16 18:13:08 2013
@@ -69,6 +69,9 @@
"3"* SIM,TTLS,TLS,PEAP,AKA
"4"* AKA,TTLS,TLS,PEAP,SIM
"5"* SIM,TTLS,TLS,PEAP,AKA
+"6"* AKA'
+"7"* AKA'
+"8"* AKA'
# Wildcard for all other identities
* PEAP,TTLS,TLS,SIM,AKA
@@ -89,3 +92,6 @@
"3"* SIM [2]
"4"* AKA [2]
"5"* SIM [2]
+"6"* AKA' [2]
+"7"* AKA' [2]
+"8"* AKA' [2]
Modified: wpa/trunk/src/ap/drv_callbacks.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/ap/drv_callbacks.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/ap/drv_callbacks.c (original)
+++ wpa/trunk/src/ap/drv_callbacks.c Wed Jan 16 18:13:08 2013
@@ -461,12 +461,15 @@
const u8 *data, size_t data_len)
{
struct hostapd_iface *iface = hapd->iface;
+ struct sta_info *sta;
size_t j;
for (j = 0; j < iface->num_bss; j++) {
- if (ap_get_sta(iface->bss[j], src)) {
- hapd = iface->bss[j];
- break;
+ if ((sta = ap_get_sta(iface->bss[j], src))) {
+ if (sta->flags & WLAN_STA_ASSOC) {
+ hapd = iface->bss[j];
+ break;
+ }
}
}
Modified: wpa/trunk/src/ap/wpa_auth.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/ap/wpa_auth.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/ap/wpa_auth.c (original)
+++ wpa/trunk/src/ap/wpa_auth.c Wed Jan 16 18:13:08 2013
@@ -2334,6 +2334,9 @@
static int wpa_group_update_sta(struct wpa_state_machine *sm, void *ctx)
{
+ if (ctx != NULL && ctx != sm->group)
+ return 0;
+
if (sm->wpa_ptk_state != WPA_PTK_PTKINITDONE) {
wpa_auth_logger(sm->wpa_auth, sm->addr, LOGGER_DEBUG,
"Not in PTKINITDONE; skip Group Key update");
@@ -2388,7 +2391,7 @@
group->GKeyDoneStations);
group->GKeyDoneStations = 0;
}
- wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, NULL);
+ wpa_auth_for_each_sta(wpa_auth, wpa_group_update_sta, group);
wpa_printf(MSG_DEBUG, "wpa_group_setkeys: GKeyDoneStations=%d",
group->GKeyDoneStations);
}
Modified: wpa/trunk/src/common/version.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/common/version.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/common/version.h (original)
+++ wpa/trunk/src/common/version.h Wed Jan 16 18:13:08 2013
@@ -5,6 +5,6 @@
#define VERSION_STR_POSTFIX ""
#endif /* VERSION_STR_POSTFIX */
-#define VERSION_STR "1.0" VERSION_STR_POSTFIX
+#define VERSION_STR "1.1" VERSION_STR_POSTFIX
#endif /* VERSION_H */
Modified: wpa/trunk/src/crypto/tls_openssl.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/crypto/tls_openssl.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/crypto/tls_openssl.c (original)
+++ wpa/trunk/src/crypto/tls_openssl.c Wed Jan 16 18:13:08 2013
@@ -2785,6 +2785,7 @@
{
const EVP_CIPHER *c;
const EVP_MD *h;
+ int md_size;
if (conn == NULL || conn->ssl == NULL ||
conn->ssl->enc_read_ctx == NULL ||
@@ -2798,9 +2799,20 @@
#else
h = conn->ssl->read_hash;
#endif
-
+ if (h)
+ md_size = EVP_MD_size(h);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ else if (conn->ssl->s3)
+ md_size = conn->ssl->s3->tmp.new_mac_secret_size;
+#endif
+ else
+ return -1;
+
+ wpa_printf(MSG_DEBUG, "OpenSSL: keyblock size: key_len=%d MD_size=%d "
+ "IV_len=%d", EVP_CIPHER_key_length(c), md_size,
+ EVP_CIPHER_iv_length(c));
return 2 * (EVP_CIPHER_key_length(c) +
- EVP_MD_size(h) +
+ md_size +
EVP_CIPHER_iv_length(c));
}
Modified: wpa/trunk/src/eap_common/eap_defs.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_common/eap_defs.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_common/eap_defs.h (original)
+++ wpa/trunk/src/eap_common/eap_defs.h Wed Jan 16 18:13:08 2013
@@ -66,7 +66,7 @@
EAP_TYPE_PSK = 47 /* RFC 4764 */,
EAP_TYPE_SAKE = 48 /* RFC 4763 */,
EAP_TYPE_IKEV2 = 49 /* RFC 5106 */,
- EAP_TYPE_AKA_PRIME = 50 /* draft-arkko-eap-aka-kdf-10.txt */,
+ EAP_TYPE_AKA_PRIME = 50 /* RFC 5448 */,
EAP_TYPE_GPSK = 51 /* RFC 5433 */,
EAP_TYPE_PWD = 52 /* RFC 5931 */,
EAP_TYPE_EXPANDED = 254 /* RFC 3748 */
Modified: wpa/trunk/src/eap_common/eap_pwd_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_common/eap_pwd_common.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_common/eap_pwd_common.c (original)
+++ wpa/trunk/src/eap_common/eap_pwd_common.c Wed Jan 16 18:13:08 2013
@@ -160,7 +160,7 @@
os_memset(prfbuf, 0, primebytelen);
ctr = 0;
while (1) {
- if (ctr > 10) {
+ if (ctr > 30) {
wpa_printf(MSG_INFO, "EAP-pwd: unable to find random "
"point on curve for group %d, something's "
"fishy", num);
Modified: wpa/trunk/src/eap_peer/eap.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_peer/eap.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_peer/eap.c (original)
+++ wpa/trunk/src/eap_peer/eap.c Wed Jan 16 18:13:08 2013
@@ -881,7 +881,7 @@
static int eap_sm_imsi_identity(struct eap_sm *sm,
struct eap_peer_config *conf)
{
- int aka = 0;
+ enum { EAP_SM_SIM, EAP_SM_AKA, EAP_SM_AKA_PRIME } method = EAP_SM_SIM;
char imsi[100];
size_t imsi_len;
struct eap_method_type *m = conf->eap_methods;
@@ -903,8 +903,14 @@
for (i = 0; m && (m[i].vendor != EAP_VENDOR_IETF ||
m[i].method != EAP_TYPE_NONE); i++) {
if (m[i].vendor == EAP_VENDOR_IETF &&
+ m[i].method == EAP_TYPE_AKA_PRIME) {
+ method = EAP_SM_AKA_PRIME;
+ break;
+ }
+
+ if (m[i].vendor == EAP_VENDOR_IETF &&
m[i].method == EAP_TYPE_AKA) {
- aka = 1;
+ method = EAP_SM_AKA;
break;
}
}
@@ -917,7 +923,17 @@
return -1;
}
- conf->identity[0] = aka ? '0' : '1';
+ switch (method) {
+ case EAP_SM_SIM:
+ conf->identity[0] = '1';
+ break;
+ case EAP_SM_AKA:
+ conf->identity[0] = '0';
+ break;
+ case EAP_SM_AKA_PRIME:
+ conf->identity[0] = '6';
+ break;
+ }
os_memcpy(conf->identity + 1, imsi, imsi_len);
conf->identity_len = 1 + imsi_len;
Modified: wpa/trunk/src/eap_peer/eap_aka.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_peer/eap_aka.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_peer/eap_aka.c (original)
+++ wpa/trunk/src/eap_peer/eap_aka.c Wed Jan 16 18:13:08 2013
@@ -1,6 +1,6 @@
/*
- * EAP peer method: EAP-AKA (RFC 4187) and EAP-AKA' (draft-arkko-eap-aka-kdf)
- * Copyright (c) 2004-2008, Jouni Malinen <j at w1.fi>
+ * EAP peer method: EAP-AKA (RFC 4187) and EAP-AKA' (RFC 5448)
+ * Copyright (c) 2004-2012, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
Modified: wpa/trunk/src/eap_peer/eap_sim.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_peer/eap_sim.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_peer/eap_sim.c (original)
+++ wpa/trunk/src/eap_peer/eap_sim.c Wed Jan 16 18:13:08 2013
@@ -438,7 +438,8 @@
static struct wpabuf * eap_sim_response_reauth(struct eap_sim_data *data,
- u8 id, int counter_too_small)
+ u8 id, int counter_too_small,
+ const u8 *nonce_s)
{
struct eap_sim_msg *msg;
unsigned int counter;
@@ -473,7 +474,7 @@
}
wpa_printf(MSG_DEBUG, " AT_MAC");
eap_sim_msg_add_mac(msg, EAP_SIM_AT_MAC);
- return eap_sim_msg_finish(msg, data->k_aut, data->nonce_s,
+ return eap_sim_msg_finish(msg, data->k_aut, nonce_s,
EAP_SIM_NONCE_S_LEN);
}
@@ -869,7 +870,7 @@
data->reauth_id = NULL;
data->reauth_id_len = 0;
os_free(decrypted);
- return eap_sim_response_reauth(data, id, 1);
+ return eap_sim_response_reauth(data, id, 1, eattr.nonce_s);
}
data->counter = eattr.counter;
@@ -900,7 +901,7 @@
eap_sim_clear_identities(data, CLEAR_REAUTH_ID | CLEAR_EAP_ID);
}
os_free(decrypted);
- return eap_sim_response_reauth(data, id, 0);
+ return eap_sim_response_reauth(data, id, 0, data->nonce_s);
}
Modified: wpa/trunk/src/eap_server/eap_server_aka.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_server_aka.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_server_aka.c (original)
+++ wpa/trunk/src/eap_server/eap_server_aka.c Wed Jan 16 18:13:08 2013
@@ -1,6 +1,6 @@
/*
- * hostapd / EAP-AKA (RFC 4187) and EAP-AKA' (draft-arkko-eap-aka-kdf)
- * Copyright (c) 2005-2008, Jouni Malinen <j at w1.fi>
+ * hostapd / EAP-AKA (RFC 4187) and EAP-AKA' (RFC 5448)
+ * Copyright (c) 2005-2012, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -300,7 +300,10 @@
os_free(data->next_pseudonym);
if (nonce_s == NULL) {
data->next_pseudonym =
- eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 1);
+ eap_sim_db_get_next_pseudonym(
+ sm->eap_sim_db_priv,
+ data->eap_method == EAP_TYPE_AKA_PRIME ?
+ EAP_SIM_DB_AKA_PRIME : EAP_SIM_DB_AKA);
} else {
/* Do not update pseudonym during re-authentication */
data->next_pseudonym = NULL;
@@ -308,7 +311,10 @@
os_free(data->next_reauth_id);
if (data->counter <= EAP_AKA_MAX_FAST_REAUTHS) {
data->next_reauth_id =
- eap_sim_db_get_next_reauth_id(sm->eap_sim_db_priv, 1);
+ eap_sim_db_get_next_reauth_id(
+ sm->eap_sim_db_priv,
+ data->eap_method == EAP_TYPE_AKA_PRIME ?
+ EAP_SIM_DB_AKA_PRIME : EAP_SIM_DB_AKA);
} else {
wpa_printf(MSG_DEBUG, "EAP-AKA: Max fast re-authentication "
"count exceeded - force full authentication");
@@ -626,7 +632,8 @@
identity = data->reauth->identity;
identity_len = data->reauth->identity_len;
} else if (sm->identity && sm->identity_len > 0 &&
- sm->identity[0] == EAP_AKA_PERMANENT_PREFIX) {
+ (sm->identity[0] == EAP_AKA_PERMANENT_PREFIX ||
+ sm->identity[0] == EAP_AKA_PRIME_PERMANENT_PREFIX)) {
identity = sm->identity;
identity_len = sm->identity_len;
} else {
@@ -742,7 +749,7 @@
sm->identity, identity_len);
if (data->eap_method == EAP_TYPE_AKA_PRIME) {
- eap_aka_prime_derive_keys(identity, identity_len, data->ik,
+ eap_aka_prime_derive_keys(sm->identity, identity_len, data->ik,
data->ck, data->k_encr, data->k_aut,
data->k_re, data->msk, data->emsk);
} else {
Modified: wpa/trunk/src/eap_server/eap_server_sim.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_server_sim.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_server_sim.c (original)
+++ wpa/trunk/src/eap_server/eap_server_sim.c Wed Jan 16 18:13:08 2013
@@ -139,7 +139,8 @@
os_free(data->next_pseudonym);
if (nonce_s == NULL) {
data->next_pseudonym =
- eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv, 0);
+ eap_sim_db_get_next_pseudonym(sm->eap_sim_db_priv,
+ EAP_SIM_DB_SIM);
} else {
/* Do not update pseudonym during re-authentication */
data->next_pseudonym = NULL;
@@ -147,7 +148,8 @@
os_free(data->next_reauth_id);
if (data->counter <= EAP_SIM_MAX_FAST_REAUTHS) {
data->next_reauth_id =
- eap_sim_db_get_next_reauth_id(sm->eap_sim_db_priv, 0);
+ eap_sim_db_get_next_reauth_id(sm->eap_sim_db_priv,
+ EAP_SIM_DB_SIM);
} else {
wpa_printf(MSG_DEBUG, "EAP-SIM: Max fast re-authentication "
"count exceeded - force full authentication");
Modified: wpa/trunk/src/eap_server/eap_server_tls_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_server_tls_common.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_server_tls_common.c (original)
+++ wpa/trunk/src/eap_server/eap_server_tls_common.c Wed Jan 16 18:13:08 2013
@@ -224,6 +224,14 @@
return -1;
}
+ if (len > message_length) {
+ wpa_printf(MSG_INFO, "SSL: Too much data (%d bytes) in "
+ "first fragment of frame (TLS Message "
+ "Length %d bytes)",
+ (int) len, (int) message_length);
+ return -1;
+ }
+
data->tls_in = wpabuf_alloc(message_length);
if (data->tls_in == NULL) {
wpa_printf(MSG_DEBUG, "SSL: No memory for message");
Modified: wpa/trunk/src/eap_server/eap_server_ttls.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_server_ttls.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_server_ttls.c (original)
+++ wpa/trunk/src/eap_server/eap_server_ttls.c Wed Jan 16 18:13:08 2013
@@ -680,6 +680,13 @@
return;
}
+ if (sm->identity == NULL) {
+ wpa_printf(MSG_DEBUG, "EAP-TTLS/MSCHAPV2: No user identity "
+ "known");
+ eap_ttls_state(data, FAILURE);
+ return;
+ }
+
/* MSCHAPv2 does not include optional domain name in the
* challenge-response calculation, so remove domain prefix
* (if present). */
@@ -985,11 +992,12 @@
if (parse.user_name) {
os_free(sm->identity);
sm->identity = os_malloc(parse.user_name_len);
- if (sm->identity) {
- os_memcpy(sm->identity, parse.user_name,
- parse.user_name_len);
- sm->identity_len = parse.user_name_len;
- }
+ if (sm->identity == NULL) {
+ eap_ttls_state(data, FAILURE);
+ goto done;
+ }
+ os_memcpy(sm->identity, parse.user_name, parse.user_name_len);
+ sm->identity_len = parse.user_name_len;
if (eap_user_get(sm, parse.user_name, parse.user_name_len, 1)
!= 0) {
wpa_printf(MSG_DEBUG, "EAP-TTLS: Phase2 Identity not "
Modified: wpa/trunk/src/eap_server/eap_sim_db.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_sim_db.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_sim_db.c (original)
+++ wpa/trunk/src/eap_server/eap_sim_db.c Wed Jan 16 18:13:08 2013
@@ -1,6 +1,6 @@
/*
* hostapd / EAP-SIM database/authenticator gateway
- * Copyright (c) 2005-2007, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2005-2010, 2012, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -653,7 +653,8 @@
if (identity_len == 0 ||
(identity[0] != EAP_SIM_PSEUDONYM_PREFIX &&
- identity[0] != EAP_AKA_PSEUDONYM_PREFIX))
+ identity[0] != EAP_AKA_PSEUDONYM_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_PSEUDONYM_PREFIX))
return NULL;
/* Remove possible realm from identity */
@@ -691,7 +692,8 @@
if (identity_len == 0 ||
(identity[0] != EAP_SIM_PERMANENT_PREFIX &&
- identity[0] != EAP_AKA_PERMANENT_PREFIX))
+ identity[0] != EAP_AKA_PERMANENT_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_PERMANENT_PREFIX))
return NULL;
p = data->pseudonyms;
@@ -716,7 +718,8 @@
if (identity_len == 0 ||
(identity[0] != EAP_SIM_REAUTH_ID_PREFIX &&
- identity[0] != EAP_AKA_REAUTH_ID_PREFIX))
+ identity[0] != EAP_AKA_REAUTH_ID_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_REAUTH_ID_PREFIX))
return NULL;
/* Remove possible realm from identity */
@@ -783,8 +786,9 @@
* @identity_len: Length of identity in bytes
* Returns: 0 if the user is found or -1 on failure
*
- * In most cases, the user name is ['0','1'] | IMSI, i.e., 1 followed by the
- * IMSI in ASCII format, ['2','3'] | pseudonym, or ['4','5'] | reauth_id.
+ * In most cases, the user name is ['0','1','6'] | IMSI, i.e., 1 followed by
+ * the IMSI in ASCII format for EAP-SIM, ['2','3','7'] | pseudonym, or
+ * ['4','5','7'] | reauth_id.
*/
int eap_sim_db_identity_known(void *priv, const u8 *identity,
size_t identity_len)
@@ -795,21 +799,24 @@
return -1;
if (identity[0] == EAP_SIM_PSEUDONYM_PREFIX ||
- identity[0] == EAP_AKA_PSEUDONYM_PREFIX) {
+ identity[0] == EAP_AKA_PSEUDONYM_PREFIX ||
+ identity[0] == EAP_AKA_PRIME_PSEUDONYM_PREFIX) {
struct eap_sim_pseudonym *p =
eap_sim_db_get_pseudonym(data, identity, identity_len);
return p ? 0 : -1;
}
if (identity[0] == EAP_SIM_REAUTH_ID_PREFIX ||
- identity[0] == EAP_AKA_REAUTH_ID_PREFIX) {
+ identity[0] == EAP_AKA_REAUTH_ID_PREFIX ||
+ identity[0] == EAP_AKA_PRIME_REAUTH_ID_PREFIX) {
struct eap_sim_reauth *r =
eap_sim_db_get_reauth(data, identity, identity_len);
return r ? 0 : -1;
}
if (identity[0] != EAP_SIM_PERMANENT_PREFIX &&
- identity[0] != EAP_AKA_PERMANENT_PREFIX) {
+ identity[0] != EAP_AKA_PERMANENT_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_PERMANENT_PREFIX) {
/* Unknown identity prefix */
return -1;
}
@@ -849,7 +856,7 @@
/**
* eap_sim_db_get_next_pseudonym - EAP-SIM DB: Get next pseudonym
* @priv: Private data pointer from eap_sim_db_init()
- * @aka: Using EAP-AKA instead of EAP-SIM
+ * @method: EAP method (SIM/AKA/AKA')
* Returns: Next pseudonym (allocated string) or %NULL on failure
*
* This function is used to generate a pseudonym for EAP-SIM. The returned
@@ -857,18 +864,31 @@
* with eap_sim_db_add_pseudonym() once the authentication has been completed
* successfully. Caller is responsible for freeing the returned buffer.
*/
-char * eap_sim_db_get_next_pseudonym(void *priv, int aka)
+char * eap_sim_db_get_next_pseudonym(void *priv, enum eap_sim_db_method method)
{
struct eap_sim_db_data *data = priv;
- return eap_sim_db_get_next(data, aka ? EAP_AKA_PSEUDONYM_PREFIX :
- EAP_SIM_PSEUDONYM_PREFIX);
+ char prefix = EAP_SIM_REAUTH_ID_PREFIX;
+
+ switch (method) {
+ case EAP_SIM_DB_SIM:
+ prefix = EAP_SIM_PSEUDONYM_PREFIX;
+ break;
+ case EAP_SIM_DB_AKA:
+ prefix = EAP_AKA_PSEUDONYM_PREFIX;
+ break;
+ case EAP_SIM_DB_AKA_PRIME:
+ prefix = EAP_AKA_PRIME_PSEUDONYM_PREFIX;
+ break;
+ }
+
+ return eap_sim_db_get_next(data, prefix);
}
/**
* eap_sim_db_get_next_reauth_id - EAP-SIM DB: Get next reauth_id
* @priv: Private data pointer from eap_sim_db_init()
- * @aka: Using EAP-AKA instead of EAP-SIM
+ * @method: EAP method (SIM/AKA/AKA')
* Returns: Next reauth_id (allocated string) or %NULL on failure
*
* This function is used to generate a fast re-authentication identity for
@@ -877,11 +897,24 @@
* has been completed successfully. Caller is responsible for freeing the
* returned buffer.
*/
-char * eap_sim_db_get_next_reauth_id(void *priv, int aka)
+char * eap_sim_db_get_next_reauth_id(void *priv, enum eap_sim_db_method method)
{
struct eap_sim_db_data *data = priv;
- return eap_sim_db_get_next(data, aka ? EAP_AKA_REAUTH_ID_PREFIX :
- EAP_SIM_REAUTH_ID_PREFIX);
+ char prefix = EAP_SIM_REAUTH_ID_PREFIX;
+
+ switch (method) {
+ case EAP_SIM_DB_SIM:
+ prefix = EAP_SIM_REAUTH_ID_PREFIX;
+ break;
+ case EAP_SIM_DB_AKA:
+ prefix = EAP_AKA_REAUTH_ID_PREFIX;
+ break;
+ case EAP_SIM_DB_AKA_PRIME:
+ prefix = EAP_AKA_PRIME_REAUTH_ID_PREFIX;
+ break;
+ }
+
+ return eap_sim_db_get_next(data, prefix);
}
@@ -1162,7 +1195,7 @@
* called once the results become available.
*
* In most cases, the user name is '0' | IMSI, i.e., 0 followed by the IMSI in
- * ASCII format.
+ * ASCII format for EAP-AKA and '6' | IMSI for EAP-AKA'.
*
* When using an external server for AKA authentication, this function can
* always start a request and return EAP_SIM_DB_PENDING immediately if
@@ -1184,7 +1217,8 @@
char msg[40];
if (identity_len < 2 || identity == NULL ||
- identity[0] != EAP_AKA_PERMANENT_PREFIX) {
+ (identity[0] != EAP_AKA_PERMANENT_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_PERMANENT_PREFIX)) {
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM DB: unexpected identity",
identity, identity_len);
return EAP_SIM_DB_FAILURE;
@@ -1287,7 +1321,8 @@
size_t i;
if (identity_len < 2 || identity == NULL ||
- identity[0] != EAP_AKA_PERMANENT_PREFIX) {
+ (identity[0] != EAP_AKA_PERMANENT_PREFIX &&
+ identity[0] != EAP_AKA_PRIME_PERMANENT_PREFIX)) {
wpa_hexdump_ascii(MSG_DEBUG, "EAP-SIM DB: unexpected identity",
identity, identity_len);
return -1;
Modified: wpa/trunk/src/eap_server/eap_sim_db.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eap_server/eap_sim_db.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eap_server/eap_sim_db.h (original)
+++ wpa/trunk/src/eap_server/eap_sim_db.h Wed Jan 16 18:13:08 2013
@@ -1,6 +1,6 @@
/*
* hostapd / EAP-SIM database/authenticator gateway
- * Copyright (c) 2005-2007, Jouni Malinen <j at w1.fi>
+ * Copyright (c) 2005-2008, 2012, Jouni Malinen <j at w1.fi>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
@@ -24,6 +24,15 @@
#define EAP_AKA_PERMANENT_PREFIX '0'
#define EAP_AKA_PSEUDONYM_PREFIX '2'
#define EAP_AKA_REAUTH_ID_PREFIX '4'
+#define EAP_AKA_PRIME_PERMANENT_PREFIX '6'
+#define EAP_AKA_PRIME_PSEUDONYM_PREFIX '7'
+#define EAP_AKA_PRIME_REAUTH_ID_PREFIX '8'
+
+enum eap_sim_db_method {
+ EAP_SIM_DB_SIM,
+ EAP_SIM_DB_AKA,
+ EAP_SIM_DB_AKA_PRIME
+};
void * eap_sim_db_init(const char *config,
void (*get_complete_cb)(void *ctx, void *session_ctx),
@@ -42,9 +51,11 @@
int eap_sim_db_identity_known(void *priv, const u8 *identity,
size_t identity_len);
-char * eap_sim_db_get_next_pseudonym(void *priv, int aka);
+char * eap_sim_db_get_next_pseudonym(void *priv,
+ enum eap_sim_db_method method);
-char * eap_sim_db_get_next_reauth_id(void *priv, int aka);
+char * eap_sim_db_get_next_reauth_id(void *priv,
+ enum eap_sim_db_method method);
int eap_sim_db_add_pseudonym(void *priv, const u8 *identity,
size_t identity_len, char *pseudonym);
Modified: wpa/trunk/src/eapol_supp/eapol_supp_sm.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/eapol_supp/eapol_supp_sm.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/eapol_supp/eapol_supp_sm.c (original)
+++ wpa/trunk/src/eapol_supp/eapol_supp_sm.c Wed Jan 16 18:13:08 2013
@@ -1491,10 +1491,7 @@
if (sm == NULL)
return;
wpa_printf(MSG_DEBUG, "EAPOL: PMKSA caching was used - skip EAPOL");
- sm->SUPP_PAE_state = SUPP_PAE_AUTHENTICATED;
- sm->suppPortStatus = Authorized;
- eapol_sm_set_port_authorized(sm);
- sm->portValid = TRUE;
+ sm->eapSuccess = TRUE;
eap_notify_success(sm->eap);
eapol_sm_step(sm);
}
Modified: wpa/trunk/src/p2p/p2p.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/p2p/p2p.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/p2p/p2p.c (original)
+++ wpa/trunk/src/p2p/p2p.c Wed Jan 16 18:13:08 2013
@@ -279,7 +279,7 @@
p2p->pending_listen_usec = (timeout % 1000) * 1000;
if (p2p->p2p_scan_running) {
- if (p2p->start_after_scan == P2P_AFTER_SCAN_NOTHING) {
+ if (p2p->start_after_scan == P2P_AFTER_SCAN_CONNECT) {
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
"P2P: p2p_scan running - connect is already "
"pending - skip listen");
@@ -443,13 +443,25 @@
continue; /* ignore our own entry */
dev = p2p_get_device(p2p, cli->p2p_device_addr);
if (dev) {
- /*
- * Update information only if we have not received this
- * directly from the client.
- */
if (dev->flags & (P2P_DEV_GROUP_CLIENT_ONLY |
- P2P_DEV_PROBE_REQ_ONLY))
+ P2P_DEV_PROBE_REQ_ONLY)) {
+ /*
+ * Update information since we have not
+ * received this directly from the client.
+ */
p2p_copy_client_info(dev, cli);
+ } else {
+ /*
+ * Need to update P2P Client Discoverability
+ * flag since it is valid only in P2P Group
+ * Info attribute.
+ */
+ dev->info.dev_capab &=
+ ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+ dev->info.dev_capab |=
+ cli->dev_capab &
+ P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+ }
if (dev->flags & P2P_DEV_PROBE_REQ_ONLY) {
dev->flags &= ~P2P_DEV_PROBE_REQ_ONLY;
}
@@ -532,7 +544,13 @@
}
if (msg->capability) {
- dev->info.dev_capab = msg->capability[0];
+ /*
+ * P2P Client Discoverability bit is reserved in all frames
+ * that use this function, so do not change its value here.
+ */
+ dev->info.dev_capab &= P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
+ dev->info.dev_capab |= msg->capability[0] &
+ ~P2P_DEV_CAPAB_CLIENT_DISCOVERABILITY;
dev->info.group_capab = msg->capability[1];
}
@@ -550,7 +568,7 @@
/**
- * p2p_add_device - Add peer entries based on scan results
+ * p2p_add_device - Add peer entries based on scan results or P2P frames
* @p2p: P2P module context from p2p_init()
* @addr: Source address of Beacon or Probe Response frame (may be either
* P2P Device Address or P2P Interface Address)
@@ -558,6 +576,7 @@
* @freq: Frequency on which the Beacon or Probe Response frame was received
* @ies: IEs from the Beacon or Probe Response frame
* @ies_len: Length of ies buffer in octets
+ * @scan_res: Whether this was based on scan results
* Returns: 0 on success, -1 on failure
*
* If the scan result is for a GO, the clients in the group will also be added
@@ -566,7 +585,7 @@
* Info attributes.
*/
int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, int level,
- const u8 *ies, size_t ies_len)
+ const u8 *ies, size_t ies_len, int scan_res)
{
struct p2p_device *dev;
struct p2p_message msg;
@@ -635,16 +654,18 @@
}
}
- if (dev->listen_freq && dev->listen_freq != freq) {
+ if (dev->listen_freq && dev->listen_freq != freq && scan_res) {
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
"P2P: Update Listen frequency based on scan "
"results (" MACSTR " %d -> %d MHz (DS param %d)",
MAC2STR(dev->info.p2p_device_addr), dev->listen_freq,
freq, msg.ds_params ? *msg.ds_params : -1);
}
- dev->listen_freq = freq;
- if (msg.group_info)
- dev->oper_freq = freq;
+ if (scan_res) {
+ dev->listen_freq = freq;
+ if (msg.group_info)
+ dev->oper_freq = freq;
+ }
dev->info.level = level;
p2p_copy_wps_info(dev, 0, &msg);
@@ -663,8 +684,10 @@
break;
}
- p2p_add_group_clients(p2p, p2p_dev_addr, addr, freq, msg.group_info,
- msg.group_info_len);
+ if (scan_res) {
+ p2p_add_group_clients(p2p, p2p_dev_addr, addr, freq,
+ msg.group_info, msg.group_info_len);
+ }
p2p_parse_free(&msg);
@@ -1881,7 +1904,7 @@
}
if (msg.device_id &&
- os_memcmp(msg.device_id, p2p->cfg->dev_addr, ETH_ALEN != 0)) {
+ os_memcmp(msg.device_id, p2p->cfg->dev_addr, ETH_ALEN) != 0) {
/* Device ID did not match */
p2p_parse_free(&msg);
return;
@@ -2557,7 +2580,13 @@
if (!success) {
p2p->pending_action_state = P2P_NO_PENDING_ACTION;
- if (p2p->state != P2P_IDLE)
+ if (p2p->user_initiated_pd &&
+ (p2p->state == P2P_SEARCH || p2p->state == P2P_LISTEN_ONLY))
+ {
+ /* Retry request from timeout to avoid busy loops */
+ p2p->pending_action_state = P2P_PENDING_PD;
+ p2p_set_timeout(p2p, 0, 50000);
+ } else if (p2p->state != P2P_IDLE)
p2p_continue_find(p2p);
else if (p2p->user_initiated_pd) {
p2p->pending_action_state = P2P_PENDING_PD;
@@ -2585,7 +2614,7 @@
int p2p_scan_res_handler(struct p2p_data *p2p, const u8 *bssid, int freq,
int level, const u8 *ies, size_t ies_len)
{
- p2p_add_device(p2p, bssid, freq, level, ies, ies_len);
+ p2p_add_device(p2p, bssid, freq, level, ies, ies_len, 1);
if (p2p->go_neg_peer && p2p->state == P2P_SEARCH &&
os_memcmp(p2p->go_neg_peer->info.p2p_device_addr, bssid, ETH_ALEN)
@@ -2883,6 +2912,18 @@
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: p2p_scan "
"already in progress - do not try to start a "
"new one");
+ return 1;
+ }
+ if (p2p->pending_listen_freq) {
+ /*
+ * Better wait a bit if the driver is unable to start
+ * offchannel operation for some reason. p2p_search()
+ * will be started from internal timeout.
+ */
+ wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG, "P2P: Listen "
+ "operation did not seem to start - delay "
+ "search phase to avoid busy loop");
+ p2p_set_timeout(p2p, 0, 100000);
return 1;
}
p2p_search(p2p);
Modified: wpa/trunk/src/p2p/p2p_go_neg.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/p2p/p2p_go_neg.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/p2p/p2p_go_neg.c (original)
+++ wpa/trunk/src/p2p/p2p_go_neg.c Wed Jan 16 18:13:08 2013
@@ -660,6 +660,17 @@
if (status == P2P_SC_SUCCESS) {
p2p->pending_action_state = P2P_PENDING_GO_NEG_RESPONSE;
dev->flags |= P2P_DEV_WAIT_GO_NEG_CONFIRM;
+ if (os_memcmp(sa, p2p->cfg->dev_addr, ETH_ALEN) < 0) {
+ /*
+ * Peer has smaller address, so the GO Negotiation
+ * Response from us is expected to complete
+ * negotiation. Ignore a GO Negotiation Response from
+ * the peer if it happens to be received after this
+ * point due to a race condition in GO Negotiation
+ * Request transmission and processing.
+ */
+ dev->flags &= ~P2P_DEV_WAIT_GO_NEG_RESPONSE;
+ }
} else
p2p->pending_action_state =
P2P_PENDING_GO_NEG_RESPONSE_FAILURE;
Modified: wpa/trunk/src/p2p/p2p_i.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/p2p/p2p_i.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/p2p/p2p_i.h (original)
+++ wpa/trunk/src/p2p/p2p_i.h Wed Jan 16 18:13:08 2013
@@ -658,7 +658,7 @@
void p2p_add_dev_info(struct p2p_data *p2p, const u8 *addr,
struct p2p_device *dev, struct p2p_message *msg);
int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, int level,
- const u8 *ies, size_t ies_len);
+ const u8 *ies, size_t ies_len, int scan_res);
struct p2p_device * p2p_get_device(struct p2p_data *p2p, const u8 *addr);
struct p2p_device * p2p_get_device_interface(struct p2p_data *p2p,
const u8 *addr);
Modified: wpa/trunk/src/p2p/p2p_invitation.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/p2p/p2p_invitation.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/p2p/p2p_invitation.c (original)
+++ wpa/trunk/src/p2p/p2p_invitation.c Wed Jan 16 18:13:08 2013
@@ -127,7 +127,8 @@
"P2P: Invitation Request from unknown peer "
MACSTR, MAC2STR(sa));
- if (p2p_add_device(p2p, sa, rx_freq, 0, data + 1, len - 1)) {
+ if (p2p_add_device(p2p, sa, rx_freq, 0, data + 1, len - 1, 0))
+ {
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
"P2P: Invitation Request add device failed "
MACSTR, MAC2STR(sa));
Modified: wpa/trunk/src/p2p/p2p_pd.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/p2p/p2p_pd.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/p2p/p2p_pd.c (original)
+++ wpa/trunk/src/p2p/p2p_pd.c Wed Jan 16 18:13:08 2013
@@ -22,8 +22,8 @@
/*
- * Number of retries to attempt for provision discovery requests during IDLE
- * state in case the peer is not listening.
+ * Number of retries to attempt for provision discovery requests
+ * in case the peer is not listening.
*/
#define MAX_PROV_DISC_REQ_RETRIES 10
@@ -116,7 +116,8 @@
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
"P2P: Provision Discovery Request from "
"unknown peer " MACSTR, MAC2STR(sa));
- if (p2p_add_device(p2p, sa, rx_freq, 0, data + 1, len - 1)) {
+ if (p2p_add_device(p2p, sa, rx_freq, 0, data + 1, len - 1, 0))
+ {
wpa_msg(p2p->cfg->msg_ctx, MSG_DEBUG,
"P2P: Provision Discovery Request add device "
"failed " MACSTR, MAC2STR(sa));
@@ -386,8 +387,7 @@
*/
p2p->user_initiated_pd = !join;
- /* Also set some retries to attempt in case of IDLE state */
- if (p2p->user_initiated_pd && p2p->state == P2P_IDLE)
+ if (p2p->user_initiated_pd)
p2p->pd_retries = MAX_PROV_DISC_REQ_RETRIES;
return p2p_send_prov_disc_req(p2p, dev, join, force_freq);
Modified: wpa/trunk/src/rsn_supp/pmksa_cache.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/rsn_supp/pmksa_cache.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/rsn_supp/pmksa_cache.c (original)
+++ wpa/trunk/src/rsn_supp/pmksa_cache.c Wed Jan 16 18:13:08 2013
@@ -203,11 +203,25 @@
if (pmksa->pmksa_count >= pmksa_cache_max_entries && pmksa->pmksa) {
/* Remove the oldest entry to make room for the new entry */
pos = pmksa->pmksa;
- pmksa->pmksa = pos->next;
- wpa_printf(MSG_DEBUG, "RSN: removed the oldest PMKSA cache "
- "entry (for " MACSTR ") to make room for new one",
- MAC2STR(pos->aa));
- pmksa_cache_free_entry(pmksa, pos, 0);
+
+ if (pos == pmksa->sm->cur_pmksa) {
+ /*
+ * Never remove the current PMKSA cache entry, since
+ * it's in use, and removing it triggers a needless
+ * deauthentication.
+ */
+ pos = pos->next;
+ pmksa->pmksa->next = pos ? pos->next : NULL;
+ } else
+ pmksa->pmksa = pos->next;
+
+ if (pos) {
+ wpa_printf(MSG_DEBUG, "RSN: removed the oldest idle "
+ "PMKSA cache entry (for " MACSTR ") to "
+ "make room for new one",
+ MAC2STR(pos->aa));
+ pmksa_cache_free_entry(pmksa, pos, 0);
+ }
}
/* Add the new entry; order by expiration time */
Modified: wpa/trunk/src/rsn_supp/wpa.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/rsn_supp/wpa.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/rsn_supp/wpa.c (original)
+++ wpa/trunk/src/rsn_supp/wpa.c Wed Jan 16 18:13:08 2013
@@ -195,14 +195,17 @@
#endif /* CONFIG_IEEE80211R */
}
if (res == 0) {
+ struct rsn_pmksa_cache_entry *sa = NULL;
wpa_hexdump_key(MSG_DEBUG, "WPA: PMK from EAPOL state "
"machines", sm->pmk, pmk_len);
sm->pmk_len = pmk_len;
if (sm->proto == WPA_PROTO_RSN &&
!wpa_key_mgmt_ft(sm->key_mgmt)) {
- pmksa_cache_add(sm->pmksa, sm->pmk, pmk_len,
- src_addr, sm->own_addr,
- sm->network_ctx, sm->key_mgmt);
+ sa = pmksa_cache_add(sm->pmksa,
+ sm->pmk, pmk_len,
+ src_addr, sm->own_addr,
+ sm->network_ctx,
+ sm->key_mgmt);
}
if (!sm->cur_pmksa && pmkid &&
pmksa_cache_get(sm->pmksa, src_addr, pmkid)) {
@@ -211,6 +214,9 @@
"PMKID");
abort_cached = 0;
}
+
+ if (!sm->cur_pmksa)
+ sm->cur_pmksa = sa;
} else {
wpa_msg(sm->ctx->msg_ctx, MSG_WARNING,
"WPA: Failed to get master session key from "
Modified: wpa/trunk/src/wps/wps_common.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/wps/wps_common.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/wps/wps_common.c (original)
+++ wpa/trunk/src/wps/wps_common.c Wed Jan 16 18:13:08 2013
@@ -346,7 +346,7 @@
{
struct wpabuf *data;
- data = wpabuf_alloc(9 + WPS_OOB_DEVICE_PASSWORD_ATTR_LEN);
+ data = wpabuf_alloc(200);
if (data == NULL) {
wpa_printf(MSG_ERROR, "WPS: Failed to allocate memory for OOB "
"device password attribute");
Modified: wpa/trunk/src/wps/wps_enrollee.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/wps/wps_enrollee.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/wps/wps_enrollee.c (original)
+++ wpa/trunk/src/wps/wps_enrollee.c Wed Jan 16 18:13:08 2013
@@ -1155,7 +1155,7 @@
return WPS_FAILURE;
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
return WPS_FAILURE;
}
@@ -1247,14 +1247,14 @@
}
if (attr.registrar_nonce == NULL ||
- os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
+ os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
{
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
return WPS_FAILURE;
}
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
return WPS_FAILURE;
}
@@ -1294,7 +1294,7 @@
}
if (attr.registrar_nonce == NULL ||
- os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
+ os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
{
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
wpa_hexdump(MSG_DEBUG, "WPS: Received Registrar Nonce",
@@ -1305,7 +1305,7 @@
}
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
wpa_hexdump(MSG_DEBUG, "WPS: Received Enrollee Nonce",
attr.enrollee_nonce, WPS_NONCE_LEN);
Modified: wpa/trunk/src/wps/wps_registrar.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/src/wps/wps_registrar.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/src/wps/wps_registrar.c (original)
+++ wpa/trunk/src/wps/wps_registrar.c Wed Jan 16 18:13:08 2013
@@ -2742,7 +2742,7 @@
if (*attr.msg_type != WPS_M1 &&
(attr.registrar_nonce == NULL ||
os_memcmp(wps->nonce_r, attr.registrar_nonce,
- WPS_NONCE_LEN != 0))) {
+ WPS_NONCE_LEN) != 0)) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
return WPS_FAILURE;
}
@@ -2838,14 +2838,14 @@
#endif /* CONFIG_WPS_UPNP */
if (attr.registrar_nonce == NULL ||
- os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
+ os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
{
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
return WPS_FAILURE;
}
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
return WPS_FAILURE;
}
@@ -2907,14 +2907,14 @@
#endif /* CONFIG_WPS_UPNP */
if (attr.registrar_nonce == NULL ||
- os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
+ os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
{
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
return WPS_FAILURE;
}
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
return WPS_FAILURE;
}
@@ -2993,14 +2993,14 @@
#endif /* CONFIG_WPS_UPNP */
if (attr.registrar_nonce == NULL ||
- os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN != 0))
+ os_memcmp(wps->nonce_r, attr.registrar_nonce, WPS_NONCE_LEN) != 0)
{
wpa_printf(MSG_DEBUG, "WPS: Mismatch in registrar nonce");
return WPS_FAILURE;
}
if (attr.enrollee_nonce == NULL ||
- os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN != 0)) {
+ os_memcmp(wps->nonce_e, attr.enrollee_nonce, WPS_NONCE_LEN) != 0) {
wpa_printf(MSG_DEBUG, "WPS: Mismatch in enrollee nonce");
return WPS_FAILURE;
}
Modified: wpa/trunk/wpa_supplicant/ChangeLog
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/ChangeLog?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/ChangeLog (original)
+++ wpa/trunk/wpa_supplicant/ChangeLog Wed Jan 16 18:13:08 2013
@@ -1,4 +1,80 @@
ChangeLog for wpa_supplicant
+
+2012-11-06 - v1.1
+ * Fix EAPOL supplicant port authorization with PMKSA caching.
+ * Fix EAPOL processing when STA switches between multi-BSSes.
+ * Fix EAP-FAST with OpenSSL 1.0.1.
+ * EAP-pwd: Increase maximum number of hunting-and-pecking iterations,
+ which results in less authentication attempts failing.
+ * Set state to DISCONNECTED on AP creation errors. Previously the
+ supplicant would stay in SCANNING state forever.
+ * Fix REMOVE_NETWORK to not run operations with invalid current_ssid.
+ * EAP-SIM peer: Fix AT_COUNTER_TOO_SMALL use.
+ * Interworking: Fix PLMN matching with multiple entries to compare all
+ entries, not just the first one.
+ * Handle long configuration file lines more gracefully.
+ * Fix adding extra IEs in sched scan.
+ * PMKSA: Set cur_pmksa pointer during initial association.
+ * PMKSA: Do not evict the active cache entry when adding new ones.
+ * Set state consistently to DISCONNECTED on auth/assoc failures.
+ * Fix BSSID enforcement with driver-based BSS selection. Set BSSID and
+ channel when the network block has an explicit bssid parameter to
+ select which BSS is to be used.
+ * wpa_gui: Fix compilation with gcc/g++ 4.7.
+ * EAP-AKA'
+ - Update to RFC 5448 in the leading characters used in the username.
+ This will make EAP-AKA' not interoperate between the earlier draft
+ version and the new version.
+ - Fix SIM/USIM determination to support EAP-AKA'.
+ * dbus:
+ - Add global capabilities property.
+ - Fix bss_expire_count getter, which was returning the wrong value.
+ - P2P: Remove network_object dictionary entry from signal
+ GroupStarted.
+ - Fix D-Bus build without ctrl_iface.
+ * WPS:
+ - Fix nonce comparisons to compare all bytes, not just the first byte.
+ - Fix NFC password token building with WPS 2.0 to avoid wpabuf
+ overflow and application abort if NFC out-of-band mechanism is used
+ with WPS 2.0 enabled.
+ - Fix cleanup of WPS operations (by clearing them) in WPA_SCANNING
+ and WPA_DISCONNECTED states.
+ - Fix issue with BSSID filter handling that could cause only a single
+ one of the available BSSes to be available or could cause issues
+ connecting.
+ - Fix overlapping memcpy on WPS interface addition.
+ * P2P:
+ - Remove channel 14 from supported P2P channels.
+ - Fix Provision Discovery retries on delay in off channel
+ transmission, to avoid unnecessary retries.
+ - Limit maximum number of stored P2P clients (the p2p_client_list
+ parameter) to 100.
+ - Improve p2p_client_list updates in configuration file, reording
+ entries so that the most recently added values are maintained in
+ the list if the list gets truncated due to size.
+ - Fix Provision Discovery retries during p2p_find by making the
+ p2p_find case behave consistently with the limited retry
+ behavior used with Provision Discovery retries in the IDLE state.
+ - Fix P2P Client Discoverability bit updates so that the bit is only
+ updated based on P2P Group Info attribute from a GO.
+ - Fix GO Negotiation race condition where both devices may believe
+ they are the GO. (Ignore unexpected GO Neg Response if we have
+ already sent GO Neg Response.)
+ - Deinitialize global P2P context on P2P management interface removal.
+ - Wait 100 ms if driver fails to start listen operation. This is a
+ workaround for some drivers that may accept the remain-on-channel
+ command, but instead of indicating start event for
+ remain-on-channel, just indicate that the operation has been
+ cancelled immediately.
+ - Clone max_sta_num parameter for group interfaces, allowing this
+ parameter set in the main config file to apply to dynamically
+ created P2P group interfaces.
+ - Fix Device ID matching for Probe Request frames, which was checking
+ only the first octet of the P2P Device Address.
+ - Do not update peer Listen channel based on PD Request Invitation
+ Request frames (just on Probe Response frames).
+ - Fix p2p_listen to disallow scheduling a new after scan operation
+ in the case where a p2p_connect operation is pending.
2012-04-18 - v1.0
* bsd: Add support for setting HT values in IFM_MMASK.
Modified: wpa/trunk/wpa_supplicant/config.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/config.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/config.c (original)
+++ wpa/trunk/wpa_supplicant/config.c Wed Jan 16 18:13:08 2013
@@ -1372,10 +1372,18 @@
pos++;
if (hwaddr_aton(pos, addr)) {
- wpa_printf(MSG_ERROR, "Line %d: Invalid "
- "p2p_client_list address '%s'.",
- line, value);
- /* continue anyway */
+ if (count == 0) {
+ wpa_printf(MSG_ERROR, "Line %d: Invalid "
+ "p2p_client_list address '%s'.",
+ line, value);
+ os_free(buf);
+ return -1;
+ }
+ /* continue anyway since this could have been from a
+ * truncated configuration file line */
+ wpa_printf(MSG_INFO, "Line %d: Ignore likely "
+ "truncated p2p_client_list address '%s'",
+ line, pos);
} else {
n = os_realloc(buf, (count + 1) * ETH_ALEN);
if (n == NULL) {
@@ -1383,7 +1391,8 @@
return -1;
}
buf = n;
- os_memcpy(buf + count * ETH_ALEN, addr, ETH_ALEN);
+ os_memmove(buf + ETH_ALEN, buf, count * ETH_ALEN);
+ os_memcpy(buf, addr, ETH_ALEN);
count++;
wpa_hexdump(MSG_MSGDUMP, "p2p_client_list",
addr, ETH_ALEN);
@@ -1417,10 +1426,10 @@
pos = value;
end = value + 20 * ssid->num_p2p_clients;
- for (i = 0; i < ssid->num_p2p_clients; i++) {
+ for (i = ssid->num_p2p_clients; i > 0; i--) {
res = os_snprintf(pos, end - pos, MACSTR " ",
MAC2STR(ssid->p2p_client_list +
- i * ETH_ALEN));
+ (i - 1) * ETH_ALEN));
if (res < 0 || res >= end - pos) {
os_free(value);
return NULL;
Modified: wpa/trunk/wpa_supplicant/config_file.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/config_file.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/config_file.c (original)
+++ wpa/trunk/wpa_supplicant/config_file.c Wed Jan 16 18:13:08 2013
@@ -25,6 +25,29 @@
#include "p2p/p2p.h"
+static int newline_terminated(const char *buf, size_t buflen)
+{
+ size_t len = os_strlen(buf);
+ if (len == 0)
+ return 0;
+ if (len == buflen - 1 && buf[buflen - 1] != '\r' &&
+ buf[len - 1] != '\n')
+ return 0;
+ return 1;
+}
+
+
+static void skip_line_end(FILE *stream)
+{
+ char buf[100];
+ while (fgets(buf, sizeof(buf), stream)) {
+ buf[sizeof(buf) - 1] = '\0';
+ if (newline_terminated(buf, sizeof(buf)))
+ return;
+ }
+}
+
+
/**
* wpa_config_get_line - Read the next configuration file line
* @s: Buffer for the line
@@ -47,6 +70,15 @@
while (fgets(s, size, stream)) {
(*line)++;
s[size - 1] = '\0';
+ if (!newline_terminated(s, size)) {
+ /*
+ * The line was truncated - skip rest of it to avoid
+ * confusing error messages.
+ */
+ wpa_printf(MSG_INFO, "Long line in configuration file "
+ "truncated");
+ skip_line_end(stream);
+ }
pos = s;
/* Skip white space from the beginning of line. */
@@ -131,7 +163,7 @@
{
struct wpa_ssid *ssid;
int errors = 0, end = 0;
- char buf[256], *pos, *pos2;
+ char buf[2000], *pos, *pos2;
wpa_printf(MSG_MSGDUMP, "Line: %d - start of a new network block",
*line);
Modified: wpa/trunk/wpa_supplicant/config_ssid.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/config_ssid.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/config_ssid.h (original)
+++ wpa/trunk/wpa_supplicant/config_ssid.h Wed Jan 16 18:13:08 2013
@@ -400,6 +400,10 @@
*/
size_t num_p2p_clients;
+#ifndef P2P_MAX_STORED_CLIENTS
+#define P2P_MAX_STORED_CLIENTS 100
+#endif /* P2P_MAX_STORED_CLIENTS */
+
/**
* p2p_group - Network generated as a P2P group (used internally)
*/
Modified: wpa/trunk/wpa_supplicant/ctrl_iface.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/ctrl_iface.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/ctrl_iface.c (original)
+++ wpa/trunk/wpa_supplicant/ctrl_iface.c Wed Jan 16 18:13:08 2013
@@ -685,78 +685,6 @@
#endif /* CONFIG_IBSS_RSN */
-int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
- struct wpa_ssid *ssid,
- const char *field,
- const char *value)
-{
-#ifdef IEEE8021X_EAPOL
- struct eap_peer_config *eap = &ssid->eap;
-
- wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
- wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
- (const u8 *) value, os_strlen(value));
-
- switch (wpa_supplicant_ctrl_req_from_string(field)) {
- case WPA_CTRL_REQ_EAP_IDENTITY:
- os_free(eap->identity);
- eap->identity = (u8 *) os_strdup(value);
- eap->identity_len = os_strlen(value);
- eap->pending_req_identity = 0;
- if (ssid == wpa_s->current_ssid)
- wpa_s->reassociate = 1;
- break;
- case WPA_CTRL_REQ_EAP_PASSWORD:
- os_free(eap->password);
- eap->password = (u8 *) os_strdup(value);
- eap->password_len = os_strlen(value);
- eap->pending_req_password = 0;
- if (ssid == wpa_s->current_ssid)
- wpa_s->reassociate = 1;
- break;
- case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
- os_free(eap->new_password);
- eap->new_password = (u8 *) os_strdup(value);
- eap->new_password_len = os_strlen(value);
- eap->pending_req_new_password = 0;
- if (ssid == wpa_s->current_ssid)
- wpa_s->reassociate = 1;
- break;
- case WPA_CTRL_REQ_EAP_PIN:
- os_free(eap->pin);
- eap->pin = os_strdup(value);
- eap->pending_req_pin = 0;
- if (ssid == wpa_s->current_ssid)
- wpa_s->reassociate = 1;
- break;
- case WPA_CTRL_REQ_EAP_OTP:
- os_free(eap->otp);
- eap->otp = (u8 *) os_strdup(value);
- eap->otp_len = os_strlen(value);
- os_free(eap->pending_req_otp);
- eap->pending_req_otp = NULL;
- eap->pending_req_otp_len = 0;
- break;
- case WPA_CTRL_REQ_EAP_PASSPHRASE:
- os_free(eap->private_key_passwd);
- eap->private_key_passwd = (u8 *) os_strdup(value);
- eap->pending_req_passphrase = 0;
- if (ssid == wpa_s->current_ssid)
- wpa_s->reassociate = 1;
- break;
- default:
- wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
- return -1;
- }
-
- return 0;
-#else /* IEEE8021X_EAPOL */
- wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
- return -1;
-#endif /* IEEE8021X_EAPOL */
-}
-
-
static int wpa_supplicant_ctrl_iface_ctrl_rsp(struct wpa_supplicant *wpa_s,
char *rsp)
{
@@ -1601,8 +1529,7 @@
ssid = wpa_config_get_network(wpa_s->conf, id);
if (ssid)
wpas_notify_network_removed(wpa_s, ssid);
- if (ssid == NULL ||
- wpa_config_remove_network(wpa_s->conf, id) < 0) {
+ if (ssid == NULL) {
wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
"id=%d", id);
return -1;
@@ -1624,6 +1551,12 @@
eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
+ }
+
+ if (wpa_config_remove_network(wpa_s->conf, id) < 0) {
+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: Not able to remove the "
+ "network id=%d", id);
+ return -1;
}
return 0;
Modified: wpa/trunk/wpa_supplicant/ctrl_iface.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/ctrl_iface.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/ctrl_iface.h (original)
+++ wpa/trunk/wpa_supplicant/ctrl_iface.h Wed Jan 16 18:13:08 2013
@@ -95,21 +95,6 @@
void wpa_supplicant_ctrl_iface_wait(struct ctrl_iface_priv *priv);
/**
- * wpa_supplicant_ctrl_iface_ctrl_rsp_handle - Handle a control response
- * @wpa_s: Pointer to wpa_supplicant data
- * @ssid: Pointer to the network block the reply is for
- * @field: field the response is a reply for
- * @value: value (ie, password, etc) for @field
- * Returns: 0 on success, non-zero on error
- *
- * Helper function to handle replies to control interface requests.
- */
-int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
- struct wpa_ssid *ssid,
- const char *field,
- const char *value);
-
-/**
* wpa_supplicant_global_ctrl_iface_init - Initialize global control interface
* @global: Pointer to global data from wpa_supplicant_init()
* Returns: Pointer to private data on success, %NULL on failure
Modified: wpa/trunk/wpa_supplicant/dbus/dbus_new.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/dbus/dbus_new.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/dbus/dbus_new.c (original)
+++ wpa/trunk/wpa_supplicant/dbus/dbus_new.c Wed Jan 16 18:13:08 2013
@@ -983,7 +983,6 @@
DBusMessage *msg;
DBusMessageIter iter, dict_iter;
struct wpas_dbus_priv *iface;
- char net_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
char group_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
iface = wpa_s->parent->global->dbus;
@@ -1021,14 +1020,8 @@
client ? "client" : "GO"))
goto nomem;
- os_snprintf(net_obj_path, WPAS_DBUS_OBJECT_PATH_MAX,
- "%s/" WPAS_DBUS_NEW_NETWORKS_PART "/%u",
- wpa_s->parent->dbus_new_path, network_id);
-
if (!wpa_dbus_dict_append_object_path(&dict_iter, "group_object",
group_obj_path) ||
- !wpa_dbus_dict_append_object_path(&dict_iter, "network_object",
- net_obj_path) ||
!wpa_dbus_dict_close_write(&iter, &dict_iter))
goto nomem;
@@ -1817,6 +1810,10 @@
wpas_dbus_getter_eap_methods,
NULL
},
+ { "Capabilities", WPAS_DBUS_NEW_INTERFACE, "as",
+ wpas_dbus_getter_global_capabilities,
+ NULL
+ },
{ NULL, NULL, NULL, NULL, NULL }
};
Modified: wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.c (original)
+++ wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.c Wed Jan 16 18:13:08 2013
@@ -928,6 +928,44 @@
}
+/**
+ * wpas_dbus_getter_global_capabilities - Request supported global capabilities
+ * @iter: Pointer to incoming dbus message iter
+ * @error: Location to store error on failure
+ * @user_data: Function specific data
+ * Returns: TRUE on success, FALSE on failure
+ *
+ * Getter for "Capabilities" property. Handles requests by dbus clients to
+ * return a list of strings with supported capabilities like AP, RSN IBSS,
+ * and P2P that are determined at compile time.
+ */
+dbus_bool_t wpas_dbus_getter_global_capabilities(DBusMessageIter *iter,
+ DBusError *error,
+ void *user_data)
+{
+ const char *capabilities[5] = { NULL, NULL, NULL, NULL, NULL };
+ size_t num_items = 0;
+
+#ifdef CONFIG_AP
+ capabilities[num_items++] = "ap";
+#endif /* CONFIG_AP */
+#ifdef CONFIG_IBSS_RSN
+ capabilities[num_items++] = "ibss-rsn";
+#endif /* CONFIG_IBSS_RSN */
+#ifdef CONFIG_P2P
+ capabilities[num_items++] = "p2p";
+#endif /* CONFIG_P2P */
+#ifdef CONFIG_INTERWORKING
+ capabilities[num_items++] = "interworking";
+#endif /* CONFIG_INTERWORKING */
+
+ return wpas_dbus_simple_array_property_getter(iter,
+ DBUS_TYPE_STRING,
+ capabilities,
+ num_items, error);
+}
+
+
static int wpas_dbus_get_scan_type(DBusMessage *message, DBusMessageIter *var,
char **type, DBusMessage **reply)
{
@@ -2363,7 +2401,7 @@
void *user_data)
{
struct wpa_supplicant *wpa_s = user_data;
- dbus_uint32_t expire_count = wpa_s->conf->bss_expiration_age;
+ dbus_uint32_t expire_count = wpa_s->conf->bss_expiration_scan_count;
return wpas_dbus_simple_property_getter(iter, DBUS_TYPE_UINT32,
&expire_count, error);
Modified: wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.h (original)
+++ wpa/trunk/wpa_supplicant/dbus/dbus_new_handlers.h Wed Jan 16 18:13:08 2013
@@ -86,6 +86,10 @@
dbus_bool_t wpas_dbus_getter_eap_methods(DBusMessageIter *iter,
DBusError *error, void *user_data);
+dbus_bool_t wpas_dbus_getter_global_capabilities(DBusMessageIter *iter,
+ DBusError *error,
+ void *user_data);
+
DBusMessage * wpas_dbus_handler_scan(DBusMessage *message,
struct wpa_supplicant *wpa_s);
Modified: wpa/trunk/wpa_supplicant/events.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/events.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/events.c (original)
+++ wpa/trunk/wpa_supplicant/events.c Wed Jan 16 18:13:08 2013
@@ -248,7 +248,8 @@
if (eap->vendor == EAP_VENDOR_IETF) {
if (eap->method == EAP_TYPE_SIM)
sim = 1;
- else if (eap->method == EAP_TYPE_AKA)
+ else if (eap->method == EAP_TYPE_AKA ||
+ eap->method == EAP_TYPE_AKA_PRIME)
aka = 1;
}
eap++;
@@ -257,7 +258,9 @@
if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL)
sim = 0;
- if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL)
+ if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL &&
+ eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA_PRIME) ==
+ NULL)
aka = 0;
if (!sim && !aka) {
Modified: wpa/trunk/wpa_supplicant/interworking.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/interworking.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/interworking.c (original)
+++ wpa/trunk/wpa_supplicant/interworking.c Wed Jan 16 18:13:08 2013
@@ -501,6 +501,7 @@
break;
if (os_memcmp(pos, plmn, 3) == 0)
return 1; /* Found matching PLMN */
+ pos += 3;
}
}
Modified: wpa/trunk/wpa_supplicant/p2p_supplicant.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/p2p_supplicant.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/p2p_supplicant.c (original)
+++ wpa/trunk/wpa_supplicant/p2p_supplicant.c Wed Jan 16 18:13:08 2013
@@ -104,7 +104,6 @@
struct wpabuf *wps_ie, *ies;
int social_channels[] = { 2412, 2437, 2462, 0, 0 };
size_t ielen;
- int was_in_p2p_scan;
if (wpa_s->global->p2p_disabled || wpa_s->global->p2p == NULL)
return -1;
@@ -155,19 +154,18 @@
break;
}
- was_in_p2p_scan = wpa_s->scan_res_handler == wpas_p2p_scan_res_handler;
- wpa_s->scan_res_handler = wpas_p2p_scan_res_handler;
ret = wpa_drv_scan(wpa_s, ¶ms);
wpabuf_free(ies);
if (ret) {
- wpa_s->scan_res_handler = NULL;
- if (wpa_s->scanning || was_in_p2p_scan) {
+ if (wpa_s->scanning ||
+ wpa_s->scan_res_handler == wpas_p2p_scan_res_handler) {
wpa_s->p2p_cb_on_scan_complete = 1;
ret = 1;
}
- }
+ } else
+ wpa_s->scan_res_handler = wpas_p2p_scan_res_handler;
return ret;
}
@@ -477,6 +475,7 @@
struct wpa_ssid *ssid, *s;
u8 *n;
size_t i;
+ int found = 0;
ssid = wpa_s->current_ssid;
if (ssid == NULL || ssid->mode != WPAS_MODE_P2P_GO ||
@@ -497,17 +496,40 @@
for (i = 0; s->p2p_client_list && i < s->num_p2p_clients; i++) {
if (os_memcmp(s->p2p_client_list + i * ETH_ALEN, addr,
- ETH_ALEN) == 0)
- return; /* already in list */
- }
-
- n = os_realloc(s->p2p_client_list,
- (s->num_p2p_clients + 1) * ETH_ALEN);
- if (n == NULL)
- return;
- os_memcpy(n + s->num_p2p_clients * ETH_ALEN, addr, ETH_ALEN);
- s->p2p_client_list = n;
- s->num_p2p_clients++;
+ ETH_ALEN) != 0)
+ continue;
+
+ if (i == s->num_p2p_clients - 1)
+ return; /* already the most recent entry */
+
+ /* move the entry to mark it most recent */
+ os_memmove(s->p2p_client_list + i * ETH_ALEN,
+ s->p2p_client_list + (i + 1) * ETH_ALEN,
+ (s->num_p2p_clients - i - 1) * ETH_ALEN);
+ os_memcpy(s->p2p_client_list +
+ (s->num_p2p_clients - 1) * ETH_ALEN, addr, ETH_ALEN);
+ found = 1;
+ break;
+ }
+
+ if (!found && s->num_p2p_clients < P2P_MAX_STORED_CLIENTS) {
+ n = os_realloc(s->p2p_client_list,
+ (s->num_p2p_clients + 1) * ETH_ALEN);
+ if (n == NULL)
+ return;
+ os_memcpy(n + s->num_p2p_clients * ETH_ALEN, addr, ETH_ALEN);
+ s->p2p_client_list = n;
+ s->num_p2p_clients++;
+ } else if (!found) {
+ /* Not enough room for an additional entry - drop the oldest
+ * entry */
+ os_memmove(s->p2p_client_list,
+ s->p2p_client_list + ETH_ALEN,
+ (s->num_p2p_clients - 1) * ETH_ALEN);
+ os_memcpy(s->p2p_client_list +
+ (s->num_p2p_clients - 1) * ETH_ALEN,
+ addr, ETH_ALEN);
+ }
#ifndef CONFIG_NO_CONFIG_WRITE
if (wpa_s->parent->conf->update_config &&
@@ -829,6 +851,7 @@
d->p2p_group_idle = s->p2p_group_idle;
d->p2p_intra_bss = s->p2p_intra_bss;
d->persistent_reconnect = s->persistent_reconnect;
+ d->max_num_sta = s->max_num_sta;
}
@@ -2131,7 +2154,6 @@
int cla, op;
struct p2p_oper_class_map op_class[] = {
{ HOSTAPD_MODE_IEEE80211G, 81, 1, 13, 1, BW20 },
- { HOSTAPD_MODE_IEEE80211G, 82, 14, 14, 1, BW20 },
#if 0 /* Do not enable HT40 on 2 GHz for now */
{ HOSTAPD_MODE_IEEE80211G, 83, 1, 9, 1, BW40PLUS },
{ HOSTAPD_MODE_IEEE80211G, 84, 5, 13, 1, BW40MINUS },
@@ -2379,6 +2401,7 @@
global->p2p = p2p_init(&p2p);
if (global->p2p == NULL)
return -1;
+ global->p2p_init_wpa_s = wpa_s;
for (i = 0; i < MAX_WPS_VENDOR_EXT; i++) {
if (wpa_s->conf->wps_vendor_ext[i] == NULL)
@@ -2469,6 +2492,7 @@
p2p_deinit(global->p2p);
global->p2p = NULL;
+ global->p2p_init_wpa_s = NULL;
}
Modified: wpa/trunk/wpa_supplicant/scan.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/scan.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/scan.c (original)
+++ wpa/trunk/wpa_supplicant/scan.c Wed Jan 16 18:13:08 2013
@@ -373,9 +373,7 @@
#endif /* CONFIG_INTERWORKING */
-static struct wpabuf *
-wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s,
- struct wpa_driver_scan_params *params)
+static struct wpabuf * wpa_supplicant_extra_ies(struct wpa_supplicant *wpa_s)
{
struct wpabuf *extra_ie = NULL;
#ifdef CONFIG_WPS
@@ -583,7 +581,7 @@
}
wpa_supplicant_optimize_freqs(wpa_s, ¶ms);
- extra_ie = wpa_supplicant_extra_ies(wpa_s, ¶ms);
+ extra_ie = wpa_supplicant_extra_ies(wpa_s);
if (params.freqs == NULL && wpa_s->next_scan_freqs) {
wpa_dbg(wpa_s, MSG_DEBUG, "Optimize scan based on previously "
@@ -699,8 +697,8 @@
{
struct wpa_driver_scan_params params;
enum wpa_states prev_state;
- struct wpa_ssid *ssid;
- struct wpabuf *wps_ie = NULL;
+ struct wpa_ssid *ssid = NULL;
+ struct wpabuf *extra_ie = NULL;
int ret;
unsigned int max_sched_scan_ssids;
@@ -786,8 +784,11 @@
return 0;
}
- if (wpa_s->wps)
- wps_ie = wpa_supplicant_extra_ies(wpa_s, ¶ms);
+ extra_ie = wpa_supplicant_extra_ies(wpa_s);
+ if (extra_ie) {
+ params.extra_ies = wpabuf_head(extra_ie);
+ params.extra_ies_len = wpabuf_len(extra_ie);
+ }
wpa_dbg(wpa_s, MSG_DEBUG,
"Starting sched scan: interval %d timeout %d",
@@ -795,7 +796,7 @@
ret = wpa_supplicant_start_sched_scan(wpa_s, ¶ms,
wpa_s->sched_scan_interval);
- wpabuf_free(wps_ie);
+ wpabuf_free(extra_ie);
os_free(params.filter_ssids);
if (ret) {
wpa_msg(wpa_s, MSG_WARNING, "Failed to initiate sched scan");
Modified: wpa/trunk/wpa_supplicant/sme.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/sme.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/sme.c (original)
+++ wpa/trunk/wpa_supplicant/sme.c Wed Jan 16 18:13:08 2013
@@ -331,6 +331,7 @@
wpa_s->sme.auth_alg == data->auth.auth_type ||
wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP) {
wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
return;
}
@@ -434,6 +435,7 @@
wpa_msg(wpa_s, MSG_INFO, "SME: Association request to the "
"driver failed");
wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
return;
}
Modified: wpa/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp (original)
+++ wpa/trunk/wpa_supplicant/wpa_gui-qt4/wpagui.cpp Wed Jan 16 18:13:08 2013
@@ -12,16 +12,12 @@
* See README and COPYING for more details.
*/
-#ifdef __MINGW32__
-/* Need to get getopt() */
-#include <unistd.h>
-#endif
-
#ifdef CONFIG_NATIVE_WINDOWS
#include <windows.h>
#endif /* CONFIG_NATIVE_WINDOWS */
#include <cstdio>
+#include <unistd.h>
#include <QMessageBox>
#include <QCloseEvent>
#include <QImageReader>
Modified: wpa/trunk/wpa_supplicant/wpa_supplicant.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/wpa_supplicant.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/wpa_supplicant.c (original)
+++ wpa/trunk/wpa_supplicant/wpa_supplicant.c Wed Jan 16 18:13:08 2013
@@ -1137,7 +1137,10 @@
"mode");
return;
}
- wpa_supplicant_create_ap(wpa_s, ssid);
+ if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
+ return;
+ }
wpa_s->current_bss = bss;
#else /* CONFIG_AP */
wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
@@ -1365,7 +1368,12 @@
if (bss) {
params.ssid = bss->ssid;
params.ssid_len = bss->ssid_len;
- if (!wpas_driver_bss_selection(wpa_s)) {
+ if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
+ wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
+ MACSTR " freq=%u MHz based on scan results "
+ "(bssid_set=%d)",
+ MAC2STR(bss->bssid), bss->freq,
+ ssid->bssid_set);
params.bssid = bss->bssid;
params.freq = bss->freq;
}
@@ -1435,6 +1443,7 @@
* succeed.
*/
wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
return;
}
@@ -2418,6 +2427,14 @@
}
wpa_supplicant_cleanup(wpa_s);
+
+#ifdef CONFIG_P2P
+ if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
+ "the management interface is being removed");
+ wpas_p2p_deinit_global(wpa_s->global);
+ }
+#endif /* CONFIG_P2P */
if (notify)
wpas_notify_iface_removed(wpa_s);
@@ -2926,3 +2943,77 @@
return wpa_s->conf->ap_scan == 2 ||
(wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
}
+
+
+#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
+int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
+ struct wpa_ssid *ssid,
+ const char *field,
+ const char *value)
+{
+#ifdef IEEE8021X_EAPOL
+ struct eap_peer_config *eap = &ssid->eap;
+
+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
+ wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
+ (const u8 *) value, os_strlen(value));
+
+ switch (wpa_supplicant_ctrl_req_from_string(field)) {
+ case WPA_CTRL_REQ_EAP_IDENTITY:
+ os_free(eap->identity);
+ eap->identity = (u8 *) os_strdup(value);
+ eap->identity_len = os_strlen(value);
+ eap->pending_req_identity = 0;
+ if (ssid == wpa_s->current_ssid)
+ wpa_s->reassociate = 1;
+ break;
+ case WPA_CTRL_REQ_EAP_PASSWORD:
+ os_free(eap->password);
+ eap->password = (u8 *) os_strdup(value);
+ eap->password_len = os_strlen(value);
+ eap->pending_req_password = 0;
+ if (ssid == wpa_s->current_ssid)
+ wpa_s->reassociate = 1;
+ break;
+ case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
+ os_free(eap->new_password);
+ eap->new_password = (u8 *) os_strdup(value);
+ eap->new_password_len = os_strlen(value);
+ eap->pending_req_new_password = 0;
+ if (ssid == wpa_s->current_ssid)
+ wpa_s->reassociate = 1;
+ break;
+ case WPA_CTRL_REQ_EAP_PIN:
+ os_free(eap->pin);
+ eap->pin = os_strdup(value);
+ eap->pending_req_pin = 0;
+ if (ssid == wpa_s->current_ssid)
+ wpa_s->reassociate = 1;
+ break;
+ case WPA_CTRL_REQ_EAP_OTP:
+ os_free(eap->otp);
+ eap->otp = (u8 *) os_strdup(value);
+ eap->otp_len = os_strlen(value);
+ os_free(eap->pending_req_otp);
+ eap->pending_req_otp = NULL;
+ eap->pending_req_otp_len = 0;
+ break;
+ case WPA_CTRL_REQ_EAP_PASSPHRASE:
+ os_free(eap->private_key_passwd);
+ eap->private_key_passwd = (u8 *) os_strdup(value);
+ eap->pending_req_passphrase = 0;
+ if (ssid == wpa_s->current_ssid)
+ wpa_s->reassociate = 1;
+ break;
+ default:
+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
+ return -1;
+ }
+
+ return 0;
+#else /* IEEE8021X_EAPOL */
+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
+ return -1;
+#endif /* IEEE8021X_EAPOL */
+}
+#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
Modified: wpa/trunk/wpa_supplicant/wpa_supplicant_i.h
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/wpa_supplicant_i.h?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/wpa_supplicant_i.h (original)
+++ wpa/trunk/wpa_supplicant/wpa_supplicant_i.h Wed Jan 16 18:13:08 2013
@@ -219,6 +219,7 @@
size_t drv_count;
struct os_time suspend_time;
struct p2p_data *p2p;
+ struct wpa_supplicant *p2p_init_wpa_s;
struct wpa_supplicant *p2p_group_formation;
u8 p2p_dev_addr[ETH_ALEN];
struct dl_list p2p_srv_bonjour; /* struct p2p_srv_bonjour */
@@ -584,6 +585,21 @@
void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid);
int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s);
+/**
+ * wpa_supplicant_ctrl_iface_ctrl_rsp_handle - Handle a control response
+ * @wpa_s: Pointer to wpa_supplicant data
+ * @ssid: Pointer to the network block the reply is for
+ * @field: field the response is a reply for
+ * @value: value (ie, password, etc) for @field
+ * Returns: 0 on success, non-zero on error
+ *
+ * Helper function to handle replies to control interface requests.
+ */
+int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
+ struct wpa_ssid *ssid,
+ const char *field,
+ const char *value);
+
/* events.c */
void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s);
int wpa_supplicant_connect(struct wpa_supplicant *wpa_s,
Modified: wpa/trunk/wpa_supplicant/wps_supplicant.c
URL: http://svn.debian.org/wsvn/pkg-wpa/wpa/trunk/wpa_supplicant/wps_supplicant.c?rev=1796&op=diff
==============================================================================
--- wpa/trunk/wpa_supplicant/wps_supplicant.c (original)
+++ wpa/trunk/wpa_supplicant/wps_supplicant.c Wed Jan 16 18:13:08 2013
@@ -268,6 +268,7 @@
ssid->eap.eap_methods = NULL;
if (!ssid->p2p_group)
ssid->temporary = 0;
+ ssid->bssid_set = 0;
} else {
wpa_printf(MSG_DEBUG, "WPS: Create a new network based on the "
"received credential");
@@ -913,7 +914,8 @@
}
#endif /* CONFIG_AP */
- if (wpa_s->wpa_state == WPA_SCANNING) {
+ if (wpa_s->wpa_state == WPA_SCANNING ||
+ wpa_s->wpa_state == WPA_DISCONNECTED) {
wpa_printf(MSG_DEBUG, "WPS: Cancel operation - cancel scan");
wpa_supplicant_cancel_scan(wpa_s);
wpas_clear_wps(wpa_s);
@@ -1107,8 +1109,10 @@
while (first && first->next)
first = first->next;
if (first && first != wpa_s) {
- os_memcpy(wps->uuid, wpa_s->global->ifaces->wps->uuid,
- WPS_UUID_LEN);
+ if (wps != wpa_s->global->ifaces->wps)
+ os_memcpy(wps->uuid,
+ wpa_s->global->ifaces->wps->uuid,
+ WPS_UUID_LEN);
wpa_hexdump(MSG_DEBUG, "WPS: UUID from the first "
"interface", wps->uuid, WPS_UUID_LEN);
} else {
More information about the Pkg-wpa-devel
mailing list